On Sun, 31 Mar 2002, Morlock Elloi wrote:

> First, access, as in path between two nodes. As long as this is under
> centralised control (read chokable) little can be done. Current
> schemes seem to rely on last decade's capabilities of ISPs, NSPs and
> people that control the Switch.

Users pay for a product: connectivity, allowing them to run a number of services (currently email, web, instant messaging, games, streaming multimedia and the like). Clearly, ISPs want to keep their customers happy, as they know that they will otherwise switch to another provider. As long as there is no legislative muscle applied to effect synchronized policy change they will do nothing on their own. As long as vanilla services do not require strong crypto authentication to operate (Sony, Redmond et al. are sure making headway there), you can camouflage as existing services. Anything else is far too easy to detect and to block.

> Using odd ports, stego (going via 80) will not help asymmetric bandwidth. Bear
> in mind that bona fide consumers do not need more than 10 kbit/sec upload
> speeds (CC number and product ID).

Using odd ports makes you stand out like a lighthouse in the night. Don't.

I have a low end ADSL product, 128/768 kBit/s. Bandwidth upstream 12 kBytes/s effectively. This is sufficient for most of my needs, including secure telephony. Most ADSL is 384/1024 these days, and cable modem (6*10^3 customers in the U.S. alone) is roughly 500/500. In selected places with money and clue, FastEthernet to the home over routed mesh GBit Ethernet is being rolled out. Local bandwidth in principle is not different from water, gas and electricity, and ought to come from local companies.

> It will also not foil the new generation of routers that will do full
> content-based switching on the fly. Clandestine content would have to be REGEX
> and MUST (Maurer's universal stat test, very fast in HW) indistinguishable
> from legitimate traffic.

The network transport layer should be content agnostic. As soon as you drop this requirement, creeping brokenness sets in. It's like using a shotgun to clean your house of rats: lots of collateral damage.

Further argument: the faster the router, the less time to make a decision. Assuming you want to use cut-through on a 10 GBps Ethernet link; how deep is your FIFO? What about purely photonic networks, which store the packets as a sequence of bits in the fiber acting as FIFO, and only look shallowly at the headers?

Final, and killer argument: even pedestrian cryptography (I only run an https server), not to speak of steganography, makes such analysis prohibitively expensive. Something which might be crackable if you use MITM, or crunch through canned traffic, but who's going to put up that kind of heavy artillery against a few million rubes out there who just want their share of pirated movies and muzak?

> The only way around this is disintermediation of routing - no ISPs, no NSPs.
> Self-discovering wireless (hello, Jonathan) is the first step in that
> direction. I don't know what will be the next one, but fucking with "Internet"
> is a waste of time.

Ad hoc wireless is neat, but don't assume you're golden just because you own the infrastructure, and there are no wires to trace. 802.11b, currently the only widely deployed technology, is effectively 6 MBit bandwidth/cell (assuming no Bluetooth and other nasties are muddying up the 2.4 GHz band, including deliberate jamming). Urban networks will typically be hundreds to thousands of cells across, requiring each cell to spend a large fraction of available bandwidth for transit traffic. 802.11a is 54 MBit/s on paper, and it might be the last technology deployed if the Man gets a clue as to what is going on out there. Any wireless data products must be approved (see recent ultrawideband semidebacle), giving you leverage to block them just as easily as shutting down the odd 31337 port at the ISP's side. As long as you can't fab your own semiconductors on the desktop, you're limited to what is available commercially, which is subject to regulations subject to politics subject to lobbying.

> Addressing - as in translation from a piece of known information to the working
> pointer to the rest.
>
> What I use today comes from three sources that I can do something about and the
> fourth that I cannot do anything about.
>
> 1. My bookmarks - text strings to host names or IP numbers. About 90% of
> lookups go through these.

Since Google, I hardly ever use bookmarks. Though I keep an informal web trail out of habit. Should be the web proxy's work, actually.

> 2. Search engines - again, text strings to URLs, but not under my control. I
> could run my own spider engine and build my own database, were I not too lazy
> (and Google so good.)

Clever tricks (dynamically presenting document hash URIs when indexing spiders come by) notwithstanding, Google is not P2P's friend. Search engines come and go, and being businesses localizable in legal and physical space they can't afford to get any flak. In the last month alone Google did display two distinct spots on its reputation, which could indicate that the business and legal weasels are starting to overwhelm them.

The best way to index P2P content is to pack search engines into P2P packages, obviously. Document hashes are equidistributed, so why not let each node store a tiny slice of the index of the document hash space? Less paranoid approaches would just index 1000 nodes, most of them on the local network, where bandwidth is cheap, but a few randomly chosen from anywhere in the world. At a query fanout factor of 10^3, and using compact UDP queries (the nodes are mostly ephemeral, anyway) you only need three amplification steps to make Google look dated. Spidering is the bottleneck, anyway, and TByte drives are just round the corner, so you could certainly distill larger indexes up the node food chain, resulting in less overall traffic.

> 3. DNS - name to IP. I could easily do away with this one by running my own
> host tables with the occasional nuisance of having to update them, but considering
> the number of sites I visit and the rate of IP change (yes, I do keep host
> tables for visited hosts just in case) this is not a big deal.

Google pretty much removed the need for DNS. Which is dangerous, since so many people take it for granted.

> 4. Routing tables - since the demise of forward routing, I have no control of
> whatever ISP/NSP chooses to do. Like sending all suspect requests via a certain
> host in Maryland. This is basically an access issue.

That's the good part about ad hoc wireless meshes, they're intrinsically geodetic.

> The issue here is not how to just REPLACE the current hierarchical addressing
> schemes. The issue is how to construct a new addressing mechanism which will
> prevent some future internic or ICANN from ever coming into existence. A
> choke-point free addressing (CPFA).

Routed meshes are intrinsically nonhierarchical as far as routing is concerned (they can be nicely hierarchical as far as addressing is concerned, allowing you to use them for geographically constrained queries via address masks).

> The first requirement is counter-intuitive: the addressing must not be fully
> automatic. The user will HAVE to burn a number of brain cycles for each
> addressing operation. This is because any automated process can be subverted
> and eventually will lead to ICANN.

Just compute your address from a WGS 84 GPS position fix (bits are cheap, a few of them buy you submicron positioning accuracy in geodetic polar coordinates relative to the local gravity well). Even unnecessary in ad hoc wireless, where the connectivity alone gives you iteratively refinable geographic constraints (if you can see your neighbours' signal strength or even signal time of flight you're in hog heaven already). No ICANN can take my geographic position away from me, and I don't have to query even my GPS receiver, I can just use the map.

And I can't fake my position, because my neighbour nodes, if sensible, would refuse delivery. Subtle distortions might work, but not crass outright fakery. Unless you own and control the infrastructure over a large part of the world.

> Compare this with going to a restaurant and ordering "meat" or "vegetables"
> without ever being presented with the menu.
>
> The second requirement is that authority must be completely distributed, in
> effect non-existent in the traditional sense.

What is more distributed than querying your position relative to your peers, or the landscape features? Which decree can take the position fix WGS 84 N48 04'14.8'' E11 36'41.2'' away from me, other than to make measurement more difficult?

> I think that the only workable
> solution is the one that maps on informal social structures - friends and
> relatives providing address pointers and routes to each other (no, this does
> not work for shopping at amazon - that is the whole point.)

The shape of the physical layer is pretty much graven in stone, of course it's entirely up to you which virtual networks you can mount on top of that.

> Or using principles of some other existing informal schemes - like hobos and
> homeless do in urban areas. If you walk close to bridges and places that they
> use for shelters, you will often see elaborate markings with chalk and
> sometimes even paint. Someone wrote a paper on this, there is a whole
> signalling language used to inform about many important issues - like places
> good to overnight at and places never to be found at. If a relatively
> unsophisticated population of travelling vagabonds can develop universally
> understood signalling that does not rely on anyone else to work, I am sure that
> engineers can do it as well.

Engineers don't think as outlaws usually. The mindset seems to thrive in .com, .gov and .mil settings, which typically also make for low-hassle high-figure paychecks. The technical issues are simple, but getting people hooked using viral applications is nontrivial, especially in the worse-is-better context. The user base doesn't evaluate architecture and scalability long term, they just grab the first best technology they can get their hands on. Getting this exactly right requires not only cunning, but also some dumb blind luck. Maybe a higher unemployment rate among engineers would help.
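An added illustration of the geodetic-addressing argument in the reply above (compute the address from a WGS 84 fix, then use address masks for geographically constrained queries and for neighbours to reject implausible claimed positions); this is constructed example code, not code from the thread or its participants. It assumes a Z-order bit interleaving of quantized latitude and longitude, 32 bits per axis, and a crude 111 km per degree of latitude; the "nearby" and "far" coordinates are constructed, only the N48 04'14.8'' E11 36'41.2'' fix is from the post.

```python
import math

# Constructed example: a choke-point-free address derived from a WGS 84 fix.
# Latitude and longitude are quantized and bit-interleaved (Z-order), so a
# prefix mask over the address selects a map cell (constrained queries).

AXIS_BITS = 32               # per-axis resolution; addresses are 2*AXIS_BITS bits
METERS_PER_DEG = 111_000.0   # rough north-south metres per degree of latitude

def dms_to_deg(deg: int, minutes: int, seconds: float) -> float:
    """Degrees, minutes, seconds -> decimal degrees (e.g. N48 04'14.8'')."""
    return deg + minutes / 60.0 + seconds / 3600.0

def bits_for_resolution(metres: float) -> int:
    """Bits per axis so one latitude step is at most `metres` ('bits are cheap')."""
    return math.ceil(math.log2(180.0 * METERS_PER_DEG / metres))

def quantize(value: float, lo: float, hi: float, bits: int) -> int:
    """Map value in [lo, hi) onto an unsigned `bits`-bit integer."""
    q = int((value - lo) / (hi - lo) * (1 << bits))
    return min(max(q, 0), (1 << bits) - 1)

def geo_address(lat: float, lon: float, bits: int = AXIS_BITS) -> int:
    """Interleave longitude and latitude bits, most significant first."""
    x = quantize(lon, -180.0, 180.0, bits)
    y = quantize(lat, -90.0, 90.0, bits)
    addr = 0
    for i in range(bits - 1, -1, -1):
        addr = (addr << 2) | (((x >> i) & 1) << 1) | ((y >> i) & 1)
    return addr

def region_mask(prefix_bits: int, bits: int = AXIS_BITS) -> int:
    """Mask keeping the top `prefix_bits` of a 2*bits-bit address."""
    return ((1 << prefix_bits) - 1) << (2 * bits - prefix_bits)

def in_region(addr: int, anchor: int, prefix_bits: int, bits: int = AXIS_BITS) -> bool:
    """Same cell (same address prefix)? A neighbour that hears a node in radio
    range can use this to refuse a claimed address outside its own cell."""
    m = region_mask(prefix_bits, bits)
    return (addr & m) == (anchor & m)

def cell_height_m(prefix_bits: int) -> float:
    """Approximate north-south extent of the cell selected by `prefix_bits`."""
    return 180.0 * METERS_PER_DEG / (1 << (prefix_bits // 2))

# The fix quoted in the thread, a constructed node a few tens of metres away, and a far one.
MUNICH = geo_address(dms_to_deg(48, 4, 14.8), dms_to_deg(11, 36, 41.2))
NEARBY = geo_address(48.0710, 11.6120)
FAR = geo_address(39.0, -76.7)  # constructed, roughly Maryland
```

A 32-bit prefix (16 bits per axis) selects a cell about 300 m tall, which groups the two Munich nodes together and excludes the far node; about 45 bits per axis already reach submicron latitude steps.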
